Abstract: A system and method for generating insights on distributed denial of service (DDoS) attacks are provided. The method includes receiving a plurality of data feeds from a plurality of data sources; processing the plurality of received data feeds to generate enriched data sets; and analyzing the enriched data sets to generate insights information about a DDoS attack that have been participated in at least one DDoS attack.

Abstract: A method for detecting hypertext transfer protocol secure (HTTPS) flood denial-of-service (DDoS) attacks. The method estimating traffic telemetries of at least ingress traffic directed to a protected entity; providing at least one rate-base feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-base feature and the rate-invariant feature demonstrate a normal behavior of HTTPS traffic directed to the protected entity; evaluating the at least one rate-base feature and the at least one rate-invariant feature with respect to at least one baseline to determine whether the behavior of the at least HTTPS traffic indicates a potential HTTPS flood DDoS attack; and causing execution of a mitigation action when an indication of a potential HTTPS flood DDoS attack is determined.

Abstract: A method and system for multi-layer traffic steering for enabling service chaining over a software defined network (SDN) are provided. The method is performed by a central controller of the SDN and includes receiving at least one service chaining rule defining at least one value-added service (VAS) to assign to an incoming traffic flow addressed to a destination server; analyzing each of the at least one received service chaining rule to determine if an application-layer steering is required; generating at least one application-layer steering rule, upon determining that an application-layer steering is required; generating at least one network-layer steering rule, upon determining that an application-layer steering is not required; and programming a multi-layer steering fabric with the generated at least one of network-layer steering rule and application-layer steering rule.

Abstract: A system and method for controlling authorization to a protected entity are provided. The method includes: receiving an access request for access to the protected entity, wherein the access request is received from a client device; in response to the access request, causing the client device to perform an admission process that includes performing at least one game; monitoring a distributed database to identify at least one admission transaction designating admission criteria; determining if the admission criteria satisfy a set of conditions for accessing the protected entity; identifying, on the distributed database, completion results of the at least one game, wherein whether the admission criteria satisfies the set of conditions for accessing the protected entity is determined based on the results of the at least one game; and granting access to the protected entity by the client device when the admission criteria satisfies the set of conditions.

Abstract: An out-of-path defense platform protecting against excessive utilization of a cloud service providing a cloud hosted application comprising a controller communicatively coupled to a detector and a mitigator; wherein the detector receives telemetries from sources that are configured to collect telemetries related to the traffic between end user devices and an edge network that distributes traffic for the cloud hosted application, the telemetries being out-of-path information for traffic to and from the cloud-hosted application, wherein a portion of the telemetries relate to operation of a portion of a cloud computing platform hosting the cloud-hosted application, and detects, using the collected telemetries and a learned normal utilization behavior of each cloud service for the cloud-hosted application, excessive utilization of a cloud service by the cloud hosted application; and wherein the controller, upon detection of the excessive utilization, causes mitigation, by the mitigator, of the excessive utilizati

Abstract: A system and method for blockchain-based access authorization to a protected entity. The method includes: receiving, by the protected entity, an access request to a protected entity, wherein the access request is received from a client device; extracting a unique client identifier from the received access request; causing the client device to perform an admission process; monitoring a blockchain network to identify at least one admission transaction, wherein the at least one admission transaction designates admission criteria; determining if the admission criteria satisfy a set of conditions for accessing the protected entity; and granting access to the client device when the admission criteria satisfies the set of conditions, wherein the access is access to the protected entity.

Abstract: A clasp for a jewelry system has two arms and a sleeve that can slide to a position covering at least portions of both arms. In this position, the sleeve urges the clasp from an un-locked state towards a locked state.

Abstract: A system, and method therefor for disaggregated detection denial-of-service (DDoS) are provided. The system includes a plurality of detectors deployed on a plurality of network nodes, wherein each network node is connected to an edge network, wherein one detector of the plurality of detectors is deployed in each of the plurality of network nodes, wherein each of the plurality of detectors is configured to detect and characterize at least a DDoS attack by analyzing telemetries received by the respective network node in which the detector is deployed.

Abstract: A system and method for detecting anomalous hypertext transfer protocol secure (HTTPS) traffic are provided. The method includes receiving samples of at least rate-base features, wherein the rate-base features demonstrate a normal behavior of at least HTTPS traffic directed to a protected entity; computing a short-term baseline and a long-term baseline based on the received samples, wherein the short-term baseline is adapted to relatively rapid changes in the HTTPS traffic and the long-term baseline is adapted to relatively slow changes in the HTTPS traffic; computing at least one short-term threshold respective of the short-term baseline and at least one long-term threshold respective of the long-term baseline; evaluating each of the at least one threshold against real-time samples of HTTPS traffic to determine whether behavior of the HTTPS traffic is anomalous; and generating alarm when anomaly is detected.

Abstract: A method and system for blockchain-based access to a protected entity are provided. The method includes granting access tokens of a first-type to a client; identifying, in a blockchain network, a conversion transaction identifying a request to convert the first-type of access tokens with access tokens of a second-type, wherein the transaction designates at least the protected entity; determining a conversion value for converting the first-type of access tokens into the second-type of access tokens, wherein the conversion value is determined based on at least one access parameter; converting, based on the determined conversion value, a first sum of the first-type of access tokens into a second sum of the second-type of access-tokens; and granting the client access to the protected entity when the sum of the second-type of access tokens is received as a payment from the protected entity.

Abstract: A method and system for controlling access to a protected entity. The method includes receiving a redirected client request to access the protected entity that the protected entity denied; granting, in response to the received redirected request, access tokens of a first type to a client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting first-type access tokens into second-type of access tokens, the conversion value being based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.

Abstract: A method and system for protecting cloud-hosted applications against application-layer slow DDoS attacks are provided. The system include a processing circuitry; and a memory connected to the processor, the memory contains instructions that when executed by the processing circuitry, configure the system to: collect telemetries from a plurality of sources deployed in a plurality of public cloud computing platforms, wherein each of the plurality of public cloud computing platforms hosts an instance of a protected cloud-hosted application; provide a set of rate-based and rate-invariant features based on the collected telemetries; evaluate each feature in the set of rate-based and rate-invariant features to determine whether a behavior of each feature and a behavior of the set of rate-based and rate-invariant features indicate a potential application-layer slow DDoS attack; and cause execution of a mitigation action, when an indication of a potential application-layer slow DDoS attack is determined.

Abstract: A method and system for protecting against quick UDP Internet connection (QUIC) based denial-of-service (DDoS) attacks. The system comprises extracting traffic features from at least traffic directed to a protected entity, wherein the traffic features demonstrate behavior of QUIC user datagram protocol (UDP) traffic directed to the protected entity, wherein the extract traffic features include at least one rate-base feature and at least one rate-invariant feature, and wherein the at least traffic includes QUIC packets; computing at least one baseline for each of the at least one rate-base feature and the at least one rate-invariant feature; and analyzing real-time samples of traffic directed to the protected entity to detect a deviation from each of the at least one computed baseline, wherein the deviation is indicative of a detected QUIC DDoS attack; and causing execution of at least one mitigation action when an indication of the detected QUIC DDoS attack is determined.

Abstract: A system for direct imaging and diagnosing of abnormal cells in a target tissue includes a disposable optical speculum and an image acquisition system having the speculum assembled on and mechanically secured thereto. The image acquisition system is arranged to capture at least one of a single image or multiple images or video of cells within the target tissue using at least one of bright field or dark field ring illumination divided into independently operated segments to obtain a plurality of data sets. An image analysis and control unit in communication with the image acquisition system analyzes the data sets and applies algorithms to the data sets for diagnosing abnormal cells.

Abstract: A method, system and a platform for protecting against excessive utilization of at least one cloud service for operation of a cloud-hosted application. The method comprising receiving, at a defense platform deployed out-of-path of traffic between a plurality of end user devices and the cloud-hosted application, telemetries from a plurality of sources, wherein each source is configured to collect telemetries related to at least one of the at least one cloud service; detecting, based on the collected telemetries and a learned normal utilization behavior for the cloud-hosted application, excessive utilization of at least one of the at least one cloud service by the cloud-hosted application; and causing mitigation, at the defense platform, of the excessive utilization of each cloud service upon detection of the excessive utilization of the at least one cloud service by the cloud-hosted application.

Abstract: A method and system for detecting and mitigation recursive domain name system (DNS) cyber-attacks are disclosed. The method includes receiving DNS queries directed to a DNS resolver, wherein the DNS resolver is communicatively connected between at least one client and at least one name server; parsing each received DNS query to extract a hostname identified therein; updating at least one array of Bloom filters using the extracted hostname; computing a ratio of an unrecognized hostnames per sample (UPS) based on the contents of the at least one array; and determining if the UPS ratio is abnormal, wherein an abnormal UPS ratio is an indication of an attack.

Abstract: A method and system for determining a cost to allow a blockchain-based admission to a protected entity. The method includes identifying, in a blockchain network, a conversion transaction identifying a conversion of a first-type of access tokens with access tokens of a second-type, wherein the transaction designates at least the protected entity; determining a conversion value for converting the first-type of access tokens into the second-type access tokens, wherein the conversion value is determined based on at least one access parameter; and converting, based on the determined conversion value, a first sum of the first-type access tokens into a second sum of the second-type access-tokens, wherein a client spends the second sum of the second-type access tokens to access the protected entity, the determined conversion value is the access cost to the protected entity.

Abstract: A method and system for protecting cloud-hosted applications against application-layer slow distributed denial-of-service (DDoS) attacks. The comprising collecting telemetries from a plurality of sources deployed in at least one cloud computing platform hosting a protected cloud-hosted application; providing a set of rate-based and rate-invariant features based on the collected telemetries; evaluating each feature in the set of rate-based and rate-invariant features to determine whether a behavior of each feature and a behavior of the set of rate-based and rate-invariant features indicate a potential application-layer slow DDoS attack; and causing execution of a mitigation action, when an indication of a potential application-layer slow DDoS attack is determined.

Abstract: A method for detecting hypertext transfer protocol secure (HTTPS) flood denial-of-service (DDoS) attacks. The method estimating traffic telemetries of at least ingress traffic directed to a protected entity; providing at least one rate-base feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-base feature and the rate-invariant feature demonstrate a normal behavior of HTTPS traffic directed to the protected entity; evaluating the at least one rate-base feature and the at least one rate-invariant feature with respect to at least one baseline to determine whether the behavior of the at least HTTPS traffic indicates a potential HTTPS flood DDoS attack; and causing execution of a mitigation action when an indication of a potential HTTPS flood DDoS attack is determined.

Abstract: A method for protecting entities against bots is provided. The method includes identifying a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one challenge to be performed by the client; identifying results of the at least one challenge, wherein the results are provided by the client upon completion of the challenge; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client; and granting access to the protected entity by the client based on the determined bias.